Explicit Congestion Notification

Explicit Congestion Notification (ECN) is an extension to the Internet Protocol and to the Transmission Control Protocol and is defined in RFC 3168 (2001). ECN allows end-to-end notification of network congestion without dropping packets. ECN is an optional feature that may be used between two ECN-enabled endpoints when the underlying network infrastructure also supports it.

Conventionally, TCP/IP networks signal congestion by dropping packets. When ECN is successfully negotiated, an ECN-aware router may set a mark in the IP header instead of dropping a packet in order to signal impending congestion. The receiver of the packet echoes the congestion indication to the sender, which reduces its transmission rate as if it detected a dropped packet.

Rather than responding properly or ignoring the bits, some outdated or faulty network equipment has historically dropped or mangled packets that have ECN bits set. , measurements suggested that the fraction of web servers on the public Internet for which setting ECN prevents network connections had been reduced to less than 1%.

Passive support has existed in Ubuntu Linux since 12.04 and in Windows Server since 2012. Passive support in the most popular websites has increased from 8.5% in 2012 to over 70% in May 2017. Adoption across the Internet now requires clients to actively request ECN. In June 2015, Apple announced that ECN will be enabled by default on its supported and future products, to help drive the adoption of ECN signaling industry-wide.

Operation

ECN requires specific support at both the Internet layer and the transport layer for the following reasons:
* In TCP/IP, routers operate within the Internet layer, while the transmission rate is handled by the endpoints at the transport layer.
* Congestion may be handled only by the transmitter, but since it is known to have happened only after a packet was sent, there must be an echo of the congestion indication by the receiver to the transmitter.

Without ECN, congestion indication echo is achieved indirectly by the detection of lost packets. With ECN, the congestion is indicated by setting the ECN field within an IP packet to CE (Congestion Encountered) and is echoed back by the receiver to the transmitter by setting proper bits in the header of the transport protocol. For example, when using TCP, the congestion indication is echoed back by setting the ECE bit.

Operation of ECN with IP

ECN uses the two least significant (right-most) bits of the Traffic Class field in the IPv4 or IPv6 header to encode four different code points:
* 00 – Non ECN-Capable Transport, Non-ECT
* 10 – ECN Capable Transport, ECT(0)
* 01 – ECN Capable Transport, ECT(1)
* 11 – Congestion Encountered, CE.

When both endpoints support ECN they mark their packets with ECT(0) or ECT(1). Routers treat the ECT(0) and ECT(1) codepoints as equivalent. If the packet traverses an active queue management (AQM) queue (e.g., a queue that uses random early detection (RED)) that is experiencing congestion and the corresponding router supports ECN, it may change the code point to CE instead of dropping the packet. This act is referred to as "marking" and its purpose is to inform the receiving endpoint of impending congestion. At the receiving endpoint, this congestion indication is handled by the upper layer protocol (transport layer protocol) and needs to be echoed back to the transmitting node in order to signal it to reduce its transmission rate.

Because the CE indication can only be handled effectively by an upper layer protocol that supports it, ECN is only used in conjunction with upper layer protocols, such as TCP, that support congestion control and have a method for echoing the CE indication to the transmitting endpoint.

Operation of ECN with TCP

TCP supports ECN using two flags in the TCP header. The first, ''ECN-Echo'' (ECE) is used to echo back the congestion indication (i.e., signal the sender to reduce the transmission rate). The second, ''Congestion Window Reduced'' (CWR), to acknowledge that the congestion-indication echoing was received. Use of ECN on a TCP connection is optional; for ECN to be used, it must be negotiated at connection establishment by including suitable options in the SYN and SYN-ACK segments.

When ECN has been negotiated on a TCP connection, the sender indicates that IP packets that carry TCP segments of that connection are carrying traffic from an ECN Capable Transport by marking them with an ECT code point. This allows intermediate routers that support ECN to mark those IP packets with the CE code point instead of dropping them in order to signal impending congestion.

Upon receiving an IP packet with the ''Congestion Experienced'' code point, the TCP receiver echoes back this congestion indication using the ECE flag in the TCP header. When an endpoint receives a TCP segment with the ECE bit it reduces its congestion window as for a packet drop. It then acknowledges the congestion indication by sending a segment with the CWR bit set.

A node keeps transmitting TCP segments with the ECE bit set until it receives a segment with the CWR bit set.

To see affected packets with tcpdump, use the filter predicate (tcp 3& 0xc0 != 0).

ECN and TCP control packets

Since the Transmission Control Protocol (TCP) does not perform congestion control on control packets (pure ACKs, SYN, FIN segments), control packets are usually not marked as ECN-capable.

A 2009 proposal suggests marking SYN-ACK packets as ECN-capable. This improvement, known as ECN+, has been shown to provide dramatic improvements to performance of short-lived TCP connections.Aleksandar Kuzmanovic. The power of explicit congestion notification. In ''Proceedings of the 2005 conference on Applications, technologies, architectures, and protocols for computer communications''. 2005.

Operation of ECN with other transport protocols

ECN is also defined for other transport layer protocols that perform congestion control, notably DCCP and Stream Control Transmission Protocol (SCTP). The general principle is similar to TCP, although the details of the on-the-wire encoding differ.

It is possible to use ECN with protocols layered above UDP. However, UDP requires that congestion control be performed by the application, and early UDP based protocols such as DNS did not use ECN. More recent UDP based protocols such as QUIC are using ECN for congestion control.

Effects on performance

Since ECN is only effective in combination with an Active Queue Management (AQM) policy, the benefits of ECN depend on the precise AQM being used. A few observations, however, appear to hold across different AQMs.

As expected, ECN reduces the number of packets dropped by a TCP connection, which, by avoiding a retransmission, reduces latency and especially jitter. This effect is most drastic when the TCP connection has a single outstanding segment, when it is able to avoid an RTO timeout; this is often the case for interactive connections, such as remote logins, and transactional protocols, such as HTTP requests, the conversational phase of SMTP, or SQL requests.

Effects of ECN on bulk throughput are less clear because modern TCP implementations are fairly good at resending dropped segments in a timely manner when the sender's window is large.

Use of ECN has been found to be detrimental to performance on highly congested networks when using AQM algorithms that never drop packets. Modern AQM implementations avoid this pitfall by dropping rather than marking packets at very high load.

Implementations

Many modern implementations of the TCP/IP protocol suite have some support for ECN; however, they usually ship with ECN disabled.

ECN support in TCP by hosts

Microsoft Windows

Windows versions since Windows Server 2008 and Windows Vista support ECN for TCP. Since Windows Server 2012, it is enabled by default in Windows Server versions, because Data Center Transmission Control Protocol (DCTCP) is used. In previous Windows versions and non-server versions it is disabled by default.

ECN support can be enabled using a shell command such as .

BSD

On FreeBSD, ECN for TCP can be configured using the sysctl. By default, it is enabled only for incoming connections that request it. It can also be enabled for all connections or disabled entirely.

NetBSD 4.0 implements ECN support for TCP; it can be activated through the sysctl interface by setting 1 as value for the parameter.

Likewise, the sysctl can be used in OpenBSD.

Linux

Since version 2.4.20 of the Linux kernel, released in November 2002, Linux supports three working modes of the ECN for TCP, as configured through the sysctl interface by setting parameter to one of the following values:
* disable ECN and neither initiate nor accept it
* enable ECN when requested by incoming connections, and also request ECN on outgoing connection attempts
* (default) enable ECN when requested by incoming connections, but do not request ECN on outgoing connections

Beginning with version 4.1 of the Linux kernel, released in June 2015, the mechanism, as specified in RFC 3168 section 6.1.1.1, is enabled by default when ECN is enabled (the value of 1). The fallback mechanism attempts ECN connectivity in the initial setup of outgoing connections, with a graceful fallback for transmissions without ECN capability, mitigating issues with ECN-intolerant hosts or firewalls.

Mac OS X

Mac OS X 10.5 and 10.6 implement ECN support for TCP. It is controlled using the boolean sysctl variables and . The first variable enables ECN on incoming connections that already have ECN flags set; the second one tries to initiate outgoing connections with ECN enabled. Both variables default to , but can be set to to enable the respective behavior.

In June 2015, Apple Inc. announced that OS X 10.11 would have ECN turned on by default, but the OS shipped without that default behavior. In macOS Sierra, ECN is enabled for half of TCP sessions.

iOS

In June 2015, Apple Inc. announced that iOS 9, its next version of iOS, would support ECN and have it turned on by default. TCP ECN negotiation is enabled on 5% of randomly selected connections over Wi-Fi / Ethernet in iOS 9 and 50% of randomly selected connections over Wi-Fi / Ethernet and a few cellular carriers in iOS 10 and 100% for iOS 11

Solaris

The Solaris kernel supports three states of ECN for TCP:
* no ECN
* use ECN
* only advertise ECN support when asked for.

As of Solaris 11.4, the default behavior is . ECN usage can be modified via .

ECN support in IP by routers

Since ECN marking in routers is dependent on some form of active queue management, routers must be configured with a suitable queue discipline in order to perform ECN marking.

Cisco IOS routers perform ECN marking if configured with the WRED queuing discipline since version 12.2(8)T.

Linux routers perform ECN marking if configured with one of the RED or GRED queue disciplines with an explicit ''ecn'' parameter, by using the sfb discipline, by using the CoDel Fair Queuing (fq_codel) discipline, or the CAKE queuing discipline.

Modern BSD implementations, such as FreeBSD, NetBSD and OpenBSD, have support for ECN marking in the ALTQ queueing implementation for a number of queuing disciplines, notably RED and Blue. FreeBSD 11 included CoDel, PIE, FQ-CoDel and FQ-PIE queuing disciplines implementation in ipfw/dummynet framework with ECN marking capability.

Data Center TCP

''Data Center Transmission Control Protocol'' (''Data Center TCP'' or ''DCTCP'') utilizes ECN to enhance the Transmission Control Protocol congestion control algorithm. It is used in data center networks. Whereas the standard TCP congestion control algorithm is only able to detect the ''presence'' of congestion, DCTCP, using ECN, is able to gauge the ''extent'' of congestion.

DCTCP modifies the TCP receiver to always relay the exact ECN marking of incoming packets at the cost of ignoring a function that is meant to preserve signalling reliability. This makes a DCTCP sender vulnerable to loss of ACKs from the receiver, which it has no mechanism to detect or cope with. , algorithms that provide equivalent or better receiver feedback in a more reliable approach are an active research topic.

See also

* Backward ECN (BECN)
* Network congestion avoidance
* Type of service (ToS)

References

External links

ECN web page by Sally Floyd
* {{IETF RFC, 4774, link=no (BCP 124), ''Specifying Alternate Semantics for the Explicit Congestion Notification (ECN) Field'', S. Floyd, (November 2006)

Linux kernel support for defining a per-route/destination congestion control algorithm
(merged in Linux kernel 4.0)

Network performance
Transport layer protocols
Flow control (data)

da:Undgåelse af datanet-trafikforstoppelse#IP ECN